WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GAMES

Get your PC tech problems solved here. Quick response time.

Moderator: The Mod Squad

WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GAMES

Postby DJmandrevski » Wed Sep 30, 2015 6:23 pm

I got a old pc running windows 7 OS 64 bit E6500 something on the CPU or motherboard

recently i had a program self installed that come up with Trojans, and stuff like that

now my windows is jumping from one window to another or like ghostly clicking things around on the desktop

i think i still have virus or my windows gone too corrupt

also my firefox plays up on my adobe player for my facebook games and keeps closing the browser all the time


help me i dont want to reformat or back up that not an option at the moment


PS SORRY IF THIS BEING MENTION IN PASSED THREADS I HAVE NOT LOOKED YET JUST LOGGED ON AND WROTE THIS UP FOR HELP :)
DJmandrevski
Green Belt
Green Belt
 
Posts: 114
Joined: Fri Mar 26, 2004 2:58 pm
Location: MELBOURNE, AUSTRALIA

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby evasive » Wed Sep 30, 2015 8:17 pm

http://www.bleepingcomputer.com/

they have a few specialists and their own toolset for removing stuff like that.

You already looked inside your computer, did you see signs of bad capacitors?
http://www.badcaps.net

That could be a reason too.

Other than that, I would try another mouse and keyboard first. Sounds weird but it happened to a client of me a long time ago.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby Karlsweldt » Thu Oct 01, 2015 8:37 am

Be wary of any sites that offer "free" games or programs! Not all, but many, may contain malware or tracking cookies. And some can infect your system with a Trojan or virus.
A good way to check your system for malware is to start in 'safe' mode, do a scan with a quality antivirus program. But first turn off the 'restore' feature of Windows, or it may undo all your efforts on the next normal boot!
F@H.. to solve mankind's maladies.. in our lifetimes!
Karlsweldt
Mobo-fu Master
Mobo-fu Master
 
Posts: 20671
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby rascard2007 » Fri Oct 02, 2015 12:15 pm

U can download some free bootable discs like "Kaspersky Rescue Disk" or "AVG Rescue CD" boot with them and clean the system then U can repair ur windows install and reinstall the software that were removed by the antivirus

I recently had a serious virus infection used both for clean the PC and dont have even to repair the win7 install
"I have only come here seeking knowledge,
Things they would not teach me of in college"
-Wrapped Around Your Fingers-
-The Police-
rascard2007
Black Belt
Black Belt
 
Posts: 720
Joined: Tue Jun 12, 2007 10:47 am
Location: Havana, Cuba

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby DJmandrevski » Mon Oct 12, 2015 9:08 am

i would not think it's hardware or bad caps it's software, the tabs on the task bar on win7 like expand and contract or split kind of animation also it looks like someone really taking control sort of. windows briefly flicker from one window opened to another and back making it hard to type i believe it might be an error in explorer.exe file or other file
DJmandrevski
Green Belt
Green Belt
 
Posts: 114
Joined: Fri Mar 26, 2004 2:58 pm
Location: MELBOURNE, AUSTRALIA

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby Karlsweldt » Mon Oct 12, 2015 3:37 pm

There have been instances of a 'browser virus" that plays bad tricks. May be worth a try with Hijack This at finding what should not be on your system. Do only a scan, post results here so a pro can recommend what to delete or is suspicious.
There is a freeware version. http://www.hijackthis.com/hijackthis
F@H.. to solve mankind's maladies.. in our lifetimes!
Karlsweldt
Mobo-fu Master
Mobo-fu Master
 
Posts: 20671
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby DJmandrevski » Mon Oct 12, 2015 3:50 pm

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:45:09 AM, on 13-Oct-15
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)

FIREFOX: 41.0.1 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Users\lele\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files (x86)\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\RunOnce: [delshell] cmd.exe /c del /q "C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.bak"
O4 - HKLM\..\RunOnce: [delshelltmp] cmd.exe /c del /q "C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64tmp.bak"
O4 - HKLM\..\RunOnce: [rdshafolder12485] cmd.exe /c if not exist "C:\Program Files (x86)\Lenovo\SHAREit\Shareit.exe" rd /s /q "C:\Program Files (x86)\Lenovo\SHAREit"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\lele\AppData\Local\Torch\Update\TorchCrashHandler.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7797 bytes

i think this was the result you after sorry i might have some < umm umm > programs non legit but oh well this the result of hijackthis result
i deleted only shareit but it still come up so i del it on highjack only, done nothing else i could see few more entries i can delete but since i don't know 100% what these files do i better leave them in even if might be a trojan entry


also i should mention sometimes it like flickers the window either a browser or program window many many times a second and then stops for like 1/4 to 1/2 sec later and goes normal and does it again maybe half min again later also sometimes a window disappears that dont appear when click and sometimes a window pops in for a split sec and disappears. that all i could describe further window flickering probs
DJmandrevski
Green Belt
Green Belt
 
Posts: 114
Joined: Fri Mar 26, 2004 2:58 pm
Location: MELBOURNE, AUSTRALIA

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby rascard2007 » Tue Oct 13, 2015 5:16 am

U have a lot of file missing issues, perhaps they were erased by the antivirus to stop the infection and all do u experience now is just the computer post-infection "hangover"

Try booting the win7 DVD and do a system repair to roll everything back
"I have only come here seeking knowledge,
Things they would not teach me of in college"
-Wrapped Around Your Fingers-
-The Police-
rascard2007
Black Belt
Black Belt
 
Posts: 720
Joined: Tue Jun 12, 2007 10:47 am
Location: Havana, Cuba

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby evasive » Mon Oct 19, 2015 12:52 pm

Looks like "System Check" malware leftovers or similar. Indeed, do a SFC repair with the DVD. After that post another hijackthis log, we'll see what needs to be taken out.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Re: WINDOWS 7 OS WINDOWS OF BROWSERS AND PROGRAMS PLAYING GA

Postby Karlsweldt » Mon Oct 19, 2015 2:42 pm

As to your flickering monitor images.. is this a CRT model or LCD model?
The older CRT models were susceptible to stray EMF (electrical magnetic fields) near the screen. Even a power transformer on a utility pole 10 feet away might cause flickering. LCD screens are almost immune to the effect.
F@H.. to solve mankind's maladies.. in our lifetimes!
Karlsweldt
Mobo-fu Master
Mobo-fu Master
 
Posts: 20671
Joined: Wed Nov 12, 2003 11:57 am
Location: 07438

Next

Return to Tech Support

Who is online

Users browsing this forum: No registered users and 2 guests